Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          eWR6g2J338R/lXzkCVMZw4USxyw7MaapPpsoAnQsCo8=
Subject key identifier:   57:4E:E0:A3:AB:96:BF:C3:13:63:13:EA:44:72:AE:34:44:B6:C2:61
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       0193572DDBC455885636E32F2A29C7AB31C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          12FF
Signing time:             Sat 23 Nov 2024 04:00:43 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:43 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:43 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: HxzHWy14vrgvA1V3dDjSqU+xIfZ/qorZS0MxDNQV7O4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:db:c4:55:88:56:36:e3:2f:2a:29:c7:ab:31:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Nov 23 04:00:43 2024 GMT
            Not After : Nov 24 04:00:43 2024 GMT
        Subject: CN=574ee0a3ab96bfc3136313ea4472ae3444b6c261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:6b:ca:f1:c8:5f:30:47:8f:a8:e8:88:30:bb:
                    4c:cd:d4:25:21:a6:45:55:bc:d1:f5:71:05:09:91:
                    bd:66:1a:1b:c9:04:c3:77:83:b8:b3:c1:dc:94:fd:
                    0b:d1:1a:0b:01:0d:13:86:d8:69:1d:82:1f:78:73:
                    04:6f:e3:fa:da:be:78:f4:b1:4c:f0:cb:26:34:49:
                    56:97:dd:e5:a8:b9:8f:ec:83:5f:52:95:87:3e:51:
                    90:c4:84:a5:33:3c:64:b5:24:a2:e4:25:6b:c3:94:
                    56:48:df:a0:60:14:f9:20:5d:c9:75:9b:6c:46:55:
                    9f:9f:9c:5d:90:f8:de:af:28:4a:52:8b:aa:5e:e4:
                    5e:07:2e:78:2e:28:2c:e7:15:ae:ae:41:6e:16:61:
                    0d:ca:d0:ca:73:b3:9e:75:7b:e0:2c:96:c0:63:a8:
                    88:37:39:a2:df:33:ab:4d:b1:5e:79:d3:15:2a:74:
                    b1:2c:78:64:d2:8b:0a:6e:2e:2d:af:98:67:cc:6f:
                    28:dc:39:aa:77:57:cb:1a:56:f2:3b:7c:eb:04:b9:
                    61:b2:d1:48:6a:93:a2:08:89:96:9e:48:fe:50:ab:
                    cc:e0:28:78:b7:41:03:b9:12:d3:71:07:5a:34:0e:
                    4f:6a:43:6c:47:62:11:97:12:ef:d2:3e:78:53:fa:
                    c5:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:4E:E0:A3:AB:96:BF:C3:13:63:13:EA:44:72:AE:34:44:B6:C2:61
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:27:1b:31:d3:65:94:b3:39:1f:90:3d:b9:6f:79:d6:91:40:
         cc:03:62:40:74:7d:c8:f0:13:63:29:9f:5e:ec:96:3d:83:1b:
         94:70:80:9c:8a:f9:9d:ac:0d:53:91:e2:ca:eb:4e:a7:d3:ce:
         ed:aa:d5:4a:f7:be:cb:bb:fa:23:82:bd:24:f8:4d:d8:a4:52:
         2a:27:38:c7:6f:b8:0e:cc:e5:a8:8c:68:29:0f:1f:68:43:cf:
         dd:bd:3a:78:7b:8c:44:58:1c:9c:f3:4e:98:44:f0:ba:e8:73:
         3f:51:8a:a5:42:ba:04:41:6d:5e:18:01:02:d1:bc:a5:b9:38:
         16:ab:83:a7:1c:1a:c4:db:30:fc:05:25:ed:44:df:31:9d:48:
         b0:12:95:04:07:3a:15:38:3e:48:16:68:f9:72:f6:f5:c8:28:
         bd:b2:43:7b:50:2e:6e:89:49:a4:86:70:44:48:ce:2d:4a:e7:
         b1:a3:a6:ab:5c:cf:15:20:22:fa:e6:fa:d3:b8:16:37:9e:3e:
         72:ae:5d:4c:89:1a:7c:0b:84:cb:50:8f:2b:23:ff:e8:a2:cc:
         fd:2a:0b:f9:db:5a:17:9d:37:a4:81:06:12:f0:c9:46:79:ae:
         a6:46:14:67:48:58:c7:7f:75:55:1e:6a:3c:c9:69:ff:5a:ad:
         ba:ef:90:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLdvEVYhWNuMvKinHqzHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjQxMTIzMDQwMDQzWhcNMjQxMTI0MDQwMDQzWjAzMTEwLwYDVQQD
Eyg1NzRlZTBhM2FiOTZiZmMzMTM2MzEzZWE0NDcyYWUzNDQ0YjZjMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WvK8chfMEePqOiIMLtMzdQlIaZF
VbzR9XEFCZG9ZhobyQTDd4O4s8HclP0L0RoLAQ0ThthpHYIfeHMEb+P62r549LFM
8MsmNElWl93lqLmP7INfUpWHPlGQxISlMzxktSSi5CVrw5RWSN+gYBT5IF3JdZts
RlWfn5xdkPjeryhKUouqXuReBy54Ligs5xWurkFuFmENytDKc7OedXvgLJbAY6iI
Nzmi3zOrTbFeedMVKnSxLHhk0osKbi4tr5hnzG8o3Dmqd1fLGlbyO3zrBLlhstFI
apOiCImWnkj+UKvM4Ch4t0EDuRLTcQdaNA5PakNsR2IRlxLv0j54U/rFtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdO4KOrlr/DE2MT6kRyrjREtsJhMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaycbMdNl
lLM5H5A9uW951pFAzANiQHR9yPATYymfXuyWPYMblHCAnIr5nawNU5HiyutOp9PO
7arVSve+y7v6I4K9JPhN2KRSKic4x2+4DszlqIxoKQ8faEPP3b06eHuMRFgcnPNO
mETwuuhzP1GKpUK6BEFtXhgBAtG8pbk4FquDpxwaxNsw/AUl7UTfMZ1IsBKVBAc6
FTg+SBZo+XL29cgovbJDe1AubolJpIZwREjOLUrnsaOmq1zPFSAi+ub607gWN54+
cq5dTIkafAuEy1CPKyP/6KLM/SoL+dtaF503pIEGEvDJRnmupkYUZ0hYx391VR5q
PMlp/1qtuu+QIA==
-----END CERTIFICATE-----